RICHMOND (November 30, 2018) - Attorney General Mark R. Herring is warning Virginia consumers who could be affected by Marriott’s massive data breach to remain vigilant. According to a data breach notification from Marriott received today by Attorney General Herring, the Starwood guest reservation system, which includes hotels under the Marriott umbrella, had been hacked in a data breach going back to 2014. According to Marriott, nearly 327 million people could have had their personal information exposed including names, phone numbers, email addresses, mailing addresses and passport numbers.

“Massive data breaches, like the one Marriott announced today, are becoming more and more frequent,” said Attorney General Herring. “Millions of Virginians could have been impacted by Marriott’s data breach, and all consumers should exercise caution in the coming weeks and months to protect their personal information. I urge any Virginian who believes they have been impacted by this breach to keep a close eye on their finances, and if anyone thinks they have been a victim of identity theft or another financial crime in connection to this breach, to contact my office. While we do not know the full extent of the damage caused by this data breach, I will make sure to keep Virginians updated during this developing situation.”

Those impacted are now at an increased threat of identity theft. Virginians can access Attorney General Herring's Consumer Protection Section's Identity Theft Guide online for information on how to protect your personal information and what to do if you think you've been the victim of an identity theft.

Attorney General Herring urges all consumers to exercise caution and monitor their bank and credit card accounts for unauthorized charges, monitor credit reports, and change or strengthen passwords.

Virginians can visit info.starwoodhotels.com, a website established by Marriott, for information on the breach and ways to help protect themselves against misuse of hacked information. Additionally, Marriott has established a dedicated call center to answer any questions consumers may have about the breach. The call center will be open seven days a week and is available in multiple languages. Marriott will also be sending emails to guests whose information may have been involved in the breach and are providing guests with the opportunity to enroll in WebWatcher free of charge for one year. WebWatcher monitors internet sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found.